In Part 1 of Pentesting 101: Surveying, we discussed the Metasploit framework and how to create a database of network and host information in addition to how you can route packets and connections through a host. In Part 2, we will cover other tools to use during a penetration test as well as troubleshooting techniques. Read More

In the last article we covered how to catch a callback from a target network. Catching a callback is not necessarily a tough task but it does require a bit of finesse and accurate parameters. Once you have a foothold on the network, it’s now time to find out where to move and where to maintain a presence within the target environment. Read More

Penetration testing is a fulfilling and lucrative position within the cyber security industry. Otherwise known as ethical hackers, pentesters work with companies to exploit weaknesses in their network, systems, and applications to ultimately create a safer online environment. Read More

In our last blog post, we identified the first three tools Pentesters need to know, which include various social media platforms for information gathering as well as Nmap and FPing for host / port scanning. In part two, we will continue to take a look at a few other key tools needed and when they should be used. Read More

IT and Information Security are highly practical and hands-on fields. As a result, Penetration Testers of all levels should be familiar with the tools needed to be successful in their work. But what exactly are those tools? In part one of this two part blog series, we’ve compiled a short list of the top tools every Penetration Tester should know, and when to use them. It is important to note that a thorough penetration test is composed of six crucial phases: Engagement, Information Gathering,... Read More

We concluded part one of the pentesting callback blog series with a bit of a cliffhanger! The console was hung on the victim machine and if the victim were to kill the process or close the window, the reverse shell had the potential to be killed as well.  Read More

Hisomeru's Pentesting 101 article series continues with a look at different callback techniques as well as simple SSH tunneling. INTRODUCTION Read More

In the conclusion of the Fingerprinting section of our Pentesting 101 series we cover hiding while fingerprinting. Need to catch up? Check out our entire Pentesting 101 series here.  Read More

In the continuation of our Pentesting 101 series we dive deeper into fingerprinting. During the remainder of this series, we will display nmap screenshots. We recommend reading the command line switches here to familiarize yourself with the information before the next section of the article is released. It’s worth it to take a moment to read the command line switches on this page to familiarize yourself with the upcoming set of screenshots. Read More

So far in the introduction to penetration testing series of articles, we have covered non-intrusive ways of gathering intelligence on a target network. Using Technical and Human OSINT helped create a picture of the target network that is subject to a penetration test through unobtrusive means. If you’re just joining us in this series, we define Technical OSINT as gathering technical data on a target network through tools and web searches. Human OSINT is gathering data on the human aspect of the... Read More